392 lines
13 KiB
Plaintext
392 lines
13 KiB
Plaintext
--MibName=raisecomSsh
|
|
-- =======================================================================
|
|
-- SSH MIB
|
|
--
|
|
-- Version 1.0 Created at Sep 10, 2007 by LIQIONG
|
|
--
|
|
--
|
|
--
|
|
-- Copyright(c) 2002-2005 by RAISECOM TECH, Ltd.
|
|
-- =======================================================================
|
|
|
|
|
|
RAISECOM-SSH-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE,
|
|
NOTIFICATION-TYPE, OBJECT-IDENTITY,
|
|
IpAddress
|
|
FROM SNMPv2-SMI
|
|
TruthValue, RowStatus
|
|
FROM SNMPv2-TC
|
|
EnableVar
|
|
FROM SWITCH-TC
|
|
raisecomAgent
|
|
FROM RAISECOM-BASE-MIB;
|
|
|
|
raisecomSsh MODULE-IDENTITY
|
|
LAST-UPDATED "200009210000Z" -- 21 September 2000
|
|
ORGANIZATION "raisecom"
|
|
CONTACT-INFO
|
|
|
|
"raisecom"
|
|
DESCRIPTION
|
|
""
|
|
|
|
::= { raisecomAgent 15 }
|
|
|
|
raisecomSshObjects OBJECT IDENTIFIER ::= { raisecomSsh 1 }
|
|
raisecomSshTraps OBJECT IDENTIFIER ::= { raisecomSsh 2 }
|
|
|
|
-- raisecomSshSvrConfiguration group
|
|
raisecomSshSvrConfiguration OBJECT IDENTIFIER ::= { raisecomSshObjects 1 }
|
|
|
|
sshServerVersion OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
ssh-1(1),
|
|
ssh-2(2),
|
|
both(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the Secure Shell server working version.
|
|
In another words, it specifies which versions of Secure Shell
|
|
protocol connections that device will accept from Secure Shell clients."
|
|
DEFVAL { 3 }
|
|
::= { raisecomSshSvrConfiguration 1 }
|
|
|
|
sshServerAuthenTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (100..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies time limit client takes to pass server authentication.
|
|
The server will disconnect the client that can't pass authentication in the
|
|
time this object specifies since its first request."
|
|
DEFVAL { 600 }
|
|
::= { raisecomSshSvrConfiguration 2 }
|
|
|
|
sshServerAuthenRetries OBJECT-TYPE
|
|
SYNTAX INTEGER (1..100)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies time limit client takes to pass server authentication.
|
|
The server will disconnect the client that can't pass authentication in the
|
|
time this object specifies since its first request."
|
|
DEFVAL { 20 }
|
|
::= { raisecomSshSvrConfiguration 3 }
|
|
|
|
sshServerHostKeyName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the name of host key server uses."
|
|
::= { raisecomSshSvrConfiguration 4 }
|
|
|
|
sshServerEnable OBJECT-TYPE
|
|
SYNTAX EnableVar
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enables or disables the Secure Shell (SSH) server on the device."
|
|
::= { raisecomSshSvrConfiguration 5 }
|
|
|
|
sshServerAuthenType OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
none(1),
|
|
public_key(2),
|
|
pass_word(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the way client takes to pass server authentication."
|
|
::= { raisecomSshSvrConfiguration 6 }
|
|
|
|
sshServerPort OBJECT-TYPE
|
|
SYNTAX INTEGER (1..65535)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the listen port of ssh server."
|
|
DEFVAL { 22 }
|
|
::= { raisecomSshSvrConfiguration 7 }
|
|
|
|
--raisecomSshKeyPairMgnt
|
|
raisecomSshKeyPairMgnt OBJECT IDENTIFIER ::= { raisecomSshObjects 2 }
|
|
|
|
sshKeyPairGenerationStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
keyGenerationSuccess(1),
|
|
keyGenerationInProgress(2),
|
|
keyGenerationInvalidName(3),
|
|
keyGenerationInvalidModulus(4),
|
|
keyGenerationKeyExist(5),
|
|
keyGenerationNumLimit(6),
|
|
keyGenerationKeySavingError(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the status of key generation.
|
|
The keyGenerationSuccess indicates that key generation succeeded.
|
|
The keyGenerationInvalidName indicates that the sshKeyPairName is invalid.
|
|
The keyGenerationInvalidModulus indicates that the sshKeyPairModulusSz is invalid.
|
|
The keyGenerationKeyPairExist indicates that there's key with the same name.
|
|
The keyGenerationKeySavingError indicates that saving key failed.
|
|
The keyGenerationNumLimit indicates that the number of keys reaches to limit.
|
|
The keyGenerationInProgress indicates that the key is being generated."
|
|
::= { raisecomSshKeyPairMgnt 1 }
|
|
|
|
sshKeyPairTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SshKeyPairEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION ""
|
|
::= { raisecomSshKeyPairMgnt 2 }
|
|
|
|
sshKeyPairEntry OBJECT-TYPE
|
|
SYNTAX SshKeyPairEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION ""
|
|
INDEX { sshKeyPairName }
|
|
::= { sshKeyPairTable 1 }
|
|
|
|
SshKeyPairEntry ::= SEQUENCE
|
|
{
|
|
sshKeyPairName OCTET STRING,
|
|
sshKeyPairType INTEGER,
|
|
sshKeyPairModulusSz INTEGER,
|
|
sshKeyPairComment OCTET STRING,
|
|
sshKeyPairTrapOnComplete TruthValue,
|
|
sshKeyPairPubData OCTET STRING,
|
|
sshKeyPairStatus RowStatus
|
|
}
|
|
|
|
sshKeyPairName OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..16))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the key unique name
|
|
which used by server to determine host key."
|
|
::= { sshKeyPairEntry 1 }
|
|
|
|
sshKeyPairType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
rsa(1),
|
|
dsa(2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Key type which specifies the generation algorithm."
|
|
::= { sshKeyPairEntry 2 }
|
|
|
|
sshKeyPairModulusSz OBJECT-TYPE
|
|
SYNTAX INTEGER (512..2048)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies modulus size used to generate key. "
|
|
DEFVAL { 512 }
|
|
::= { sshKeyPairEntry 3 }
|
|
|
|
sshKeyPairComment OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Comment for this key."
|
|
::= { sshKeyPairEntry 4 }
|
|
|
|
sshKeyPairTrapOnComplete OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies whether the device should send
|
|
a trap or not when finishing key generation."
|
|
::= { sshKeyPairEntry 5 }
|
|
|
|
sshKeyPairPubData OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Public key data of the key in the file format defined in RFC 4716."
|
|
::= { sshKeyPairEntry 6 }
|
|
|
|
sshKeyPairStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object only includes three valid values:
|
|
createAndGo, notInService, active and destroy.
|
|
It will be set to notInService when generation is being process
|
|
and active when generation succeed, otherwise the associated row will be removed."
|
|
::= { sshKeyPairEntry 7 }
|
|
|
|
-- raisecomSshSessionInfo group
|
|
raisecomSshSessionInfo OBJECT IDENTIFIER ::= { raisecomSshObjects 3 }
|
|
|
|
sshSessionTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF SshSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION ""
|
|
::= { raisecomSshSessionInfo 1 }
|
|
|
|
sshSessionEntry OBJECT-TYPE
|
|
SYNTAX SshSessionEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION ""
|
|
INDEX { sshSessionId }
|
|
::= { sshSessionTable 1 }
|
|
|
|
SshSessionEntry ::= SEQUENCE
|
|
{
|
|
sshSessionId Gauge,
|
|
sshSessionVersion INTEGER,
|
|
sshSessionState INTEGER,
|
|
sshSessionUserId OCTET STRING,
|
|
sshSessionHostAddr IpAddress,
|
|
sshSessionInEncrypt OCTET STRING,
|
|
sshSessionOutEncrypt OCTET STRING,
|
|
sshSessionInHmac OCTET STRING,
|
|
sshSessionOutHmac OCTET STRING,
|
|
sshSessionConnectTime OCTET STRING,
|
|
sshSessionEnable EnableVar
|
|
}
|
|
|
|
sshSessionId OBJECT-TYPE
|
|
SYNTAX Gauge
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An arbitrary index that uniquely identifies a Secure Shell
|
|
Session, but not the session ID generated resulting from key exchange."
|
|
::= { sshSessionEntry 1 }
|
|
|
|
sshSessionVersion OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
ssh-1(1),
|
|
ssh-2(2)}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the SSH version used by this session."
|
|
::= { sshSessionEntry 2 }
|
|
|
|
sshSessionState OBJECT-TYPE
|
|
SYNTAX INTEGER{
|
|
sessionVersionOk(1),
|
|
sessionKeysExchanged(2),
|
|
sessionAuthenticated(3),
|
|
sessionOpen(4),
|
|
sessionDisconnecting(5),
|
|
sessionDisconnected(6),
|
|
sessionClosed(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the current state of Secure Shell Session.
|
|
The state sessionVersionOk(1) indicates that server and client
|
|
versions of SSH are exchanged and are compatible.
|
|
The state sessionKeysExchanged(2) indicates that key exchange
|
|
has been completed.
|
|
The state sessionAuthenticated(3) indicates that the client has
|
|
been successfully authenticated.
|
|
The state sessionOpen(4) indicates that the session has been
|
|
successfully opened.
|
|
The state sessionDisconnecting(5) indicates that the session
|
|
disconnection has begun.
|
|
The state sessionDisconnected(6)indicates that the session has
|
|
been disconnected.
|
|
The state sessionClosed(7) indicates that the session has closed."
|
|
::= { sshSessionEntry 3 }
|
|
|
|
sshSessionUserId OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..32))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates user name associated with this session."
|
|
::= { sshSessionEntry 4 }
|
|
|
|
sshSessionHostAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates IP address of host associated with this session."
|
|
::= { sshSessionEntry 5 }
|
|
|
|
sshSessionInEncrypt OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the ingress encryption algorithm of this session."
|
|
::= { sshSessionEntry 6 }
|
|
|
|
sshSessionOutEncrypt OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the egress encryption algorithm of this session.
|
|
If the session version is SSH-1, it is always the same as sshSessionInEncrypt."
|
|
::= { sshSessionEntry 7 }
|
|
|
|
sshSessionInHmac OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the ingress HMAC algorithm used in this session."
|
|
::= { sshSessionEntry 8 }
|
|
|
|
sshSessionOutHmac OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..128))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the egress HMAC algorithm used in this session."
|
|
::= { sshSessionEntry 9 }
|
|
|
|
sshSessionConnectTime OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(1..65535))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The object indicates the time of this session has been connected."
|
|
::= { sshSessionEntry 10 }
|
|
|
|
sshSessionEnable OBJECT-TYPE
|
|
SYNTAX EnableVar
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enables or disables this session."
|
|
::= { sshSessionEntry 11 }
|
|
|
|
--traps
|
|
sshKeyPairGenerationCompletion NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
sshKeyPairGenerationStatus,
|
|
sshKeyPairName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Key pair generation is completed. "
|
|
::= { raisecomSshTraps 1 }
|
|
|
|
END |